<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Auth extends CI_Controller {

	/**
	 * Index Page for this controller.
	 *
	 * Maps to the following URL
	 * 		http://example.com/index.php/welcome
	 *	- or -  
	 * 		http://example.com/index.php/welcome/index
	 *	- or -
	 * Since this controller is set as the default controller in 
	 * config/routes.php, it's displayed at http://example.com/
	 *
	 * So any other public methods not prefixed with an underscore will
	 * map to /index.php/welcome/<method_name>
	 * @see http://codeigniter.com/user_guide/general/urls.html
	 */
	public function index()
	{
		$this->load->view('auth');
	}
	
	public function login(){
		$sql =" SELECT * FROM josh_staff ";
		$sql.=" WHERE no='".$this->input->post('name')."' ";
		$sql.=" AND password=MD5('".$this->input->post('password')."') AND (pos_code='HRD' OR pos_code='ACC') ";
		$q=$this->db->query($sql);
		if($q->num_rows()>0){
			$row = $q->row_array();
			$access  = array(
								'name' => $row['name'] 
							);
			$this->session->set_userdata($access);				
			redirect('surat/index',301);
		} 
		else {
			redirect('auth',301);
		}
	}
	
	function logout(){
		$this->session->sess_destroy();  
		redirect('surat/index',301);
	}
	
}

/* End of file welcome.php */
/* Location: ./application/controllers/welcome.php */